3186
Talk and help about bugbounty
https://vijetareigns.medium.com/accessing-deleted-comment-for-a-bug-bounty-writeup-95d56662d209
Читать полностью…
I've lot of private programs if anybody wanna work with me on private bounty program's DM me
Читать полностью…
anybody wants collaborate with ne I got a cool private invite froma. program and they doubled bounty scope is huge
Читать полностью…
The website is reflecting response but may payload isn't working.
Читать полностью…
How to deep crawl subdomains in a website is there any techniques or methodology is there to deep enumeration the subdomains
Читать полностью…
having a feeling that telegram will go down too.
Читать полностью…
Maybe the problem that browser blocks specialchars
Читать полностью…
And I don't understand why I can't make a xss here
Читать полностью…
Thanks bro for doing all this
Let me see portswigger
Is it trusted and worth it should i pay 65 dolar ?
Читать полностью…
Hi all, I’m looking over the Internet for materials on Complete SAP pentest but can’t find a good one. If anyone in this group have any info please do share me
Читать полностью…
Hi guys, is anyone using a Mac with M1/M2/M3? What do you think about it for bug hunting? Any compatibility issues?
Читать полностью…
hi, it is possible to inject xss in svg and in pdf?
I can send svg to pdf via post request
Hello guys is there any rce for httpbin? Or known high critical vulnerabilities
Читать полностью…
Maybe it's escaped or inside some element that prevents it from triggering
Читать полностью…
I recently visited the official airdrop page at https://hanchain.online is and attempted to claim the airdrop. However, I encountered an issue—I was only able to successfully redeem the airdrop once. Could you please provide clarification on why this limitation exists?
Читать полностью…
hello fellow hunters, if the target program detected that i have gained access to other accounts, and fixed the vulnerability before my report get triaged, is that means i won't get paid...?
Читать полностью…
Asking for a bounty when there was none advertised isn't good business, even if all the necessary information is provided. If this "hacker" is contacting you and asking for a bounty without giving you all the details you need to reproduce the vulnerability yourself then that is blackmail and possibly a scam if the vulnerability is bogus.
Читать полностью…
Hi, I need help, we have a site on platform, scammer wrote to me and says “ I will turn off your site, if you will not pay to me, and say about bug bounty, how can I secure site?
Читать полностью…
I understand that I need to send noturlencoded payload
Читать полностью…
<html>
<head>
<title>Welcome!</title>
</head>
<body>
Welcome <span id="welcome"></span>
<script>
var position = document.URL.indexOf("name=");
var name = document.URL.substring(position+5,document.URL.length);
var welcome =document.getElementById("welcome");
welcome.innerHTML = name;
</script>
</body>
</html>
If you don't want to pay - https://portswigger.net/
Читать полностью…
Hello guys i am totally confused how to start what to lear first for bug Bounty what should i do first
Читать полностью…
There is no waf on the site
The website is written in Python
It has Header: X-XSS-Protection
But the site is in Reflection
I wonder if we can do something better about Xss Reflcted first?